Zuora OneID FAQs

This article contains answers to frequently asked questions about Zuora OneID. If you have a question not covered here, don't hesitate to ask in the Community Group or reach out to Zuora Global Support.

We are continually updating the list. 

Q: Which authentication protocol does Zuora OneID support?

A: Zuora OneID enables authentication through SAML 2.0 protocol.

Q: Is it possible to perform SCIM provisioning with Zuora OneID?(System for Cross Domain Identity Management)

A: Zuora OneID offers SCIM provisioning to facilitate secure automated exchange of user identity data with other IAM systems. In Zuora, it can be utilized to perform CRUD operations on user and group resources. At present, Zuora OneID does not support SCIM provisioning with Azure AD.

Q: Can I still login with my old local credentials after moving to Zuora OneID?

A: After migrating to OneID, you can use your old local credentials for 90 days by default. Your local login details will soon be outdated, and you will only be able to access Zuora tenants using Zuora OneID.You can modify the lock-in period of local credentials as per your organization's needs.

Q: Can we switch to OneID using only Sandbox environments initially?

A: It's possible to onboard/migrate to OneID using your Sandbox environment and its users. You can enable the Production tenant in OneID later.

Q: Does migrating users to OneID from local Zuora tenants maintain their roles and access levels?

A: OneID migration from tenant will keep users' roles and permissions intact.

Q: Between user migration roles and roles assigned by user groups, which one takes precedence?

A: The roles assigned to user groups have higher priority than roles assigned locally to users in local tenants.